The [[SIM Card]] is the basic memory device inside of many mobile phones in use today. This small piece of hardware has been key to solving many cases in the world of [[SIM Card Forensics]]. However, without the proper knowledge of the SIM card's filesystem, the user will be missing out on all the valuable information the [[SIM Card]] holds.

+

Golden G. Richard III is Professor of Computer Science, University Research Professor, and Director of the Greater New Orleans Center for Information Assurance (GNOCIA) at the University of New Orleans, where he has taught and done research in cybersecurity, operating systems internals, reverse engineering, and malware analysis since 1994. Golden earned a Ph.D. in Computer Science from The Ohio State University in 1995. He is also the Founder and Owner of Arcane Alloy, LLC, a private digital forensics and cybersecurity firm, the original author of the [[Scalpel]] file [[Carving|carving]] tool, a pioneer in applying high performance computing principles to digital forensics, and a professional music photographer.

+

He maintains a [[Blogs|blog]] called "Outlook Purple" and can be found on Twitter at @nolaforensix.

−

== Getting Started ==

+

== See Also ==

−

[[File:What_you_need.jpg|250px|thumb|Items you'll need]]

+

[[Forensics on GPUs]]

−

This is a list of items to get you started on reading SIM Cards and their information:

+

== External Links ==

−

# [[SIMCon]]

+

* [http://www.cs.uno.edu/~golden Official website]

−

#* Program used to read SIM Cards

+

* [http://www.arcanealloy.com Arcane Alloy, LLC]

−

# [[SIM Cards]]

+

* [http://outlookpurple.blogspot.com Outlook Purple]

−

# SIM Card Reader

+

* [http://www.highisomusic.com High ISO Music]

−

== Quick Guide for SIMCon ==

+

[[Category:People]]

−

+

−

# Make sure the SIM Card Reader with SIM Card is connected

+

−

# Open [[SIMCon]]

+

−

# Click File > Read SIM or Click [[File:Simcon.png]] in the upper left corner of [[SIMCon]]

+

−

# Click OK when the next dialog box pops up

+

−

#* '''Note''', some SIM cards are locked. This is where the PIN needs to be entered if known.

+

−

#* If the PIN is unknown, the SIM cannot be read.

+

−

# Click OK again when the next dialog box pops up

+

−

+

−

== Definitions ==

+

−

+

−

=== MF ===

+

−

* Only '''one''' MF

+

−

* The Master File (MF)

+

−

* Root of the SIM Card file system

+

−

* Equivalent to the root directory or "/" in the Linux filesystem

+

−

+

−

=== DF ===

+

−

* Dedicated Files (DF)

+

−

* Equivalent to a folder in a Windows/Linux filesystem

+

−

* Usually three DF's

+

−

** DF_GSM / DF_DCS1800 / DF_TELECOM

+

−

+

−

==== DF_DCS1800 / DF_GSM ====

+

−

* Contains network related information

+

−

* Specifying data in DF_GSM writes only to DF_GSM on the SIM

+

−

* The SIM is expected to mirror GSM and DCS1800

+

−

+

−

==== DF_TELECOM ====

+

−

* Contains the service related information

+

−

+

−

=== EF ===

+

−

* Elementary Files (EF)

+

−

* Holds one to many records

+

−

* Represent the leaf node of the filesystem

+

−

* EF's sit below the DF's in the filesystem hierarchy

+

−

+

−

=== PLMN ===

+

−

* Public Land Mobile Network

+

−

** A PLMN is a network that is established and operated by an administration or by a recognized operating agency (ROA) for the specific purpose of providing land mobile telecommunications services to the public. [http://en.wikipedia.org/wiki/Public_land_mobile_network]

+

−

+

−

== Information ==

+

−

+

−

=== EF_ICCID ===

+

−

+

−

This displays the ID or Card Identity of the SIM Card, this can also be found on the SIM card itself.

Latest revision as of 20:33, 28 January 2014

Golden G. Richard III is Professor of Computer Science, University Research Professor, and Director of the Greater New Orleans Center for Information Assurance (GNOCIA) at the University of New Orleans, where he has taught and done research in cybersecurity, operating systems internals, reverse engineering, and malware analysis since 1994. Golden earned a Ph.D. in Computer Science from The Ohio State University in 1995. He is also the Founder and Owner of Arcane Alloy, LLC, a private digital forensics and cybersecurity firm, the original author of the Scalpel file carving tool, a pioneer in applying high performance computing principles to digital forensics, and a professional music photographer.

He maintains a blog called "Outlook Purple" and can be found on Twitter at @nolaforensix.